preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-05-22T10:00:00

Updated: 2024-08-07T08:32:01.432Z

Reserved: 2008-04-15T00:00:00

Link: CVE-2008-1804

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2008-05-22T13:09:00.000

Modified: 2017-08-08T01:30:28.277

Link: CVE-2008-1804

cve-icon Redhat

Severity :

Publid Date: 2008-05-21T00:00:00Z

Links: CVE-2008-1804 - Bugzilla